2009-06-29 22:38:29 +04:00
|
|
|
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
|
|
|
|
* vim: sw=4 ts=4 et :
|
2009-07-14 01:55:04 +04:00
|
|
|
*/
|
|
|
|
/* ***** BEGIN LICENSE BLOCK *****
|
2009-06-29 22:38:29 +04:00
|
|
|
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
|
|
|
*
|
|
|
|
* The contents of this file are subject to the Mozilla Public License Version
|
|
|
|
* 1.1 (the "License"); you may not use this file except in compliance with
|
|
|
|
* the License. You may obtain a copy of the License at
|
|
|
|
* http://www.mozilla.org/MPL/
|
|
|
|
*
|
|
|
|
* Software distributed under the License is distributed on an "AS IS" basis,
|
|
|
|
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
|
|
* for the specific language governing rights and limitations under the
|
|
|
|
* License.
|
|
|
|
*
|
|
|
|
* The Original Code is Mozilla Plugin App.
|
|
|
|
*
|
|
|
|
* The Initial Developer of the Original Code is
|
|
|
|
* Chris Jones <jones.chris.g@gmail.com>
|
|
|
|
* Portions created by the Initial Developer are Copyright (C) 2009
|
|
|
|
* the Initial Developer. All Rights Reserved.
|
|
|
|
*
|
|
|
|
* Contributor(s):
|
|
|
|
*
|
|
|
|
* Alternatively, the contents of this file may be used under the terms of
|
|
|
|
* either the GNU General Public License Version 2 or later (the "GPL"), or
|
|
|
|
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
|
|
|
* in which case the provisions of the GPL or the LGPL are applicable instead
|
|
|
|
* of those above. If you wish to allow use of your version of this file only
|
|
|
|
* under the terms of either the GPL or the LGPL, and not to allow others to
|
|
|
|
* use your version of this file under the terms of the MPL, indicate your
|
|
|
|
* decision by deleting the provisions above and replace them with the notice
|
|
|
|
* and other provisions required by the GPL or the LGPL. If you do not delete
|
|
|
|
* the provisions above, a recipient may use your version of this file under
|
|
|
|
* the terms of any one of the MPL, the GPL or the LGPL.
|
|
|
|
*
|
|
|
|
* ***** END LICENSE BLOCK ***** */
|
|
|
|
|
|
|
|
#include "mozilla/ipc/RPCChannel.h"
|
2009-07-02 09:45:19 +04:00
|
|
|
#include "mozilla/ipc/GeckoThread.h"
|
2009-06-29 22:38:29 +04:00
|
|
|
|
|
|
|
#include "nsDebug.h"
|
|
|
|
|
|
|
|
using mozilla::MutexAutoLock;
|
2009-09-11 03:54:37 +04:00
|
|
|
using mozilla::MutexAutoUnlock;
|
2009-06-29 22:38:29 +04:00
|
|
|
|
|
|
|
template<>
|
|
|
|
struct RunnableMethodTraits<mozilla::ipc::RPCChannel>
|
|
|
|
{
|
|
|
|
static void RetainCallee(mozilla::ipc::RPCChannel* obj) { }
|
|
|
|
static void ReleaseCallee(mozilla::ipc::RPCChannel* obj) { }
|
|
|
|
};
|
|
|
|
|
|
|
|
namespace mozilla {
|
|
|
|
namespace ipc {
|
|
|
|
|
|
|
|
bool
|
|
|
|
RPCChannel::Call(Message* msg, Message* reply)
|
|
|
|
{
|
2009-08-19 19:44:56 +04:00
|
|
|
NS_ABORT_IF_FALSE(!ProcessingSyncMessage(),
|
|
|
|
"violation of sync handler invariant");
|
|
|
|
NS_ASSERTION(ChannelConnected == mChannelState,
|
2009-07-14 09:12:50 +04:00
|
|
|
"trying to Send() to a channel not yet open");
|
2009-08-19 19:44:56 +04:00
|
|
|
NS_PRECONDITION(msg->is_rpc(),
|
|
|
|
"can only Call() RPC messages here");
|
2009-07-02 09:45:19 +04:00
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
MutexAutoLock lock(mMutex);
|
2009-06-29 22:38:29 +04:00
|
|
|
|
2009-08-19 09:22:01 +04:00
|
|
|
msg->set_rpc_remote_stack_depth(mRemoteStackDepth);
|
2009-09-11 11:28:09 +04:00
|
|
|
mStack.push(*msg);
|
2009-08-19 09:22:01 +04:00
|
|
|
|
|
|
|
// bypass |SyncChannel::Send| b/c RPCChannel implements its own
|
|
|
|
// waiting semantics
|
2009-07-14 01:55:04 +04:00
|
|
|
AsyncChannel::Send(msg);
|
|
|
|
|
2009-06-29 22:38:29 +04:00
|
|
|
while (1) {
|
2009-09-11 11:28:09 +04:00
|
|
|
// here we're waiting for something to happen. see long
|
|
|
|
// comment about the queue in RPCChannel.h
|
|
|
|
while (mPending.empty()) {
|
|
|
|
mCvar.Wait();
|
|
|
|
}
|
|
|
|
|
|
|
|
Message recvd = mPending.front();
|
2009-06-29 22:38:29 +04:00
|
|
|
mPending.pop();
|
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
// async message. process it, go back to waiting
|
|
|
|
if (!recvd.is_sync() && !recvd.is_rpc()) {
|
|
|
|
MutexAutoUnlock unlock(mMutex);
|
|
|
|
|
|
|
|
AsyncChannel::OnDispatchMessage(recvd);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2009-09-11 03:54:37 +04:00
|
|
|
// something sync. Let the sync dispatcher take care of it
|
|
|
|
// (it may be an invalid message, but the sync handler will
|
|
|
|
// check that).
|
|
|
|
if (recvd.is_sync()) {
|
2009-09-11 11:28:09 +04:00
|
|
|
NS_ABORT_IF_FALSE(mPending.empty(),
|
|
|
|
"other side is malfunctioning");
|
2009-09-11 03:54:37 +04:00
|
|
|
MutexAutoUnlock unlock(mMutex);
|
|
|
|
|
|
|
|
SyncChannel::OnDispatchMessage(recvd);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
// from here on, we know that recvd.is_rpc()
|
|
|
|
NS_ABORT_IF_FALSE(recvd.is_rpc(), "wtf???");
|
|
|
|
|
|
|
|
// reply message
|
2009-08-19 09:22:01 +04:00
|
|
|
if (recvd.is_reply()) {
|
2009-09-11 11:28:09 +04:00
|
|
|
NS_ABORT_IF_FALSE(0 < mStack.size(), "invalid RPC stack");
|
2009-07-14 01:55:04 +04:00
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
const Message& outcall = mStack.top();
|
2009-08-08 03:13:20 +04:00
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
if (recvd.type() != (outcall.type()+1) && !recvd.is_reply_error()) {
|
2009-07-14 01:55:04 +04:00
|
|
|
// FIXME/cjones: handle error
|
2009-09-11 03:54:37 +04:00
|
|
|
NS_ABORT_IF_FALSE(0, "somebody's misbehavin'");
|
2009-07-14 01:55:04 +04:00
|
|
|
}
|
|
|
|
|
2009-08-19 09:22:01 +04:00
|
|
|
// we received a reply to our most recent outstanding
|
|
|
|
// call. pop this frame and return the reply
|
2009-09-11 11:28:09 +04:00
|
|
|
mStack.pop();
|
2009-08-08 03:13:20 +04:00
|
|
|
|
|
|
|
bool isError = recvd.is_reply_error();
|
|
|
|
if (!isError) {
|
|
|
|
*reply = recvd;
|
|
|
|
}
|
2009-06-29 22:38:29 +04:00
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
if (0 == StackDepth()) {
|
|
|
|
// this was the last outcall we were waiting on.
|
|
|
|
// flush the pending queue into the "regular" event
|
|
|
|
// queue, checking invariants along the way. see long
|
|
|
|
// comment in RPCChannel.h
|
|
|
|
bool seenBlocker = false;
|
|
|
|
|
|
|
|
// A<* (S< | C<)
|
|
|
|
while (!mPending.empty()) {
|
|
|
|
Message m = mPending.front();
|
|
|
|
mPending.pop();
|
|
|
|
|
|
|
|
if (m.is_sync()) {
|
|
|
|
NS_ABORT_IF_FALSE(!seenBlocker,
|
|
|
|
"other side is malfunctioning");
|
|
|
|
seenBlocker = true;
|
|
|
|
|
|
|
|
MessageLoop::current()->PostTask(
|
|
|
|
FROM_HERE,
|
|
|
|
NewRunnableMethod(this,
|
|
|
|
&RPCChannel::OnDelegate, m));
|
|
|
|
}
|
|
|
|
else if (m.is_rpc()) {
|
|
|
|
NS_ABORT_IF_FALSE(!seenBlocker,
|
|
|
|
"other side is malfunctioning");
|
|
|
|
seenBlocker = true;
|
|
|
|
|
|
|
|
MessageLoop::current()->PostTask(
|
|
|
|
FROM_HERE,
|
|
|
|
NewRunnableMethod(this,
|
|
|
|
&RPCChannel::OnIncall,
|
|
|
|
m));
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
MessageLoop::current()->PostTask(
|
|
|
|
FROM_HERE,
|
|
|
|
NewRunnableMethod(this,
|
|
|
|
&RPCChannel::OnDelegate, m));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
// shouldn't have queued any more messages, since
|
|
|
|
// the other side is now supposed to be blocked on a
|
|
|
|
// reply from us!
|
|
|
|
if (mPending.size() > 0) {
|
|
|
|
NS_RUNTIMEABORT("other side should have been blocked");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// unlocks mMutex
|
2009-08-08 03:13:20 +04:00
|
|
|
return !isError;
|
2009-06-29 22:38:29 +04:00
|
|
|
}
|
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
// in-call. process in a new stack frame
|
|
|
|
NS_ABORT_IF_FALSE(mPending.empty(),
|
|
|
|
"other side is malfunctioning");
|
|
|
|
|
|
|
|
// "snapshot" the current stack depth while we own the Mutex
|
|
|
|
size_t stackDepth = StackDepth();
|
|
|
|
{
|
2009-09-11 03:54:37 +04:00
|
|
|
MutexAutoUnlock unlock(mMutex);
|
2009-06-29 22:38:29 +04:00
|
|
|
// someone called in to us from the other side. handle the call
|
2009-08-19 09:22:01 +04:00
|
|
|
ProcessIncall(recvd, stackDepth);
|
2009-07-14 01:55:04 +04:00
|
|
|
// FIXME/cjones: error handling
|
2009-06-29 22:38:29 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
void
|
|
|
|
RPCChannel::OnDelegate(const Message& msg)
|
|
|
|
{
|
|
|
|
if (msg.is_sync())
|
|
|
|
return SyncChannel::OnDispatchMessage(msg);
|
|
|
|
else if (!msg.is_rpc())
|
|
|
|
return AsyncChannel::OnDispatchMessage(msg);
|
|
|
|
NS_RUNTIMEABORT("fatal logic error");
|
|
|
|
}
|
|
|
|
|
2009-07-14 01:55:04 +04:00
|
|
|
void
|
2009-08-19 09:22:01 +04:00
|
|
|
RPCChannel::OnIncall(const Message& call)
|
2009-06-29 22:38:29 +04:00
|
|
|
{
|
2009-09-11 11:28:09 +04:00
|
|
|
// We only reach here from the "regular" event loop, when
|
|
|
|
// StackDepth() == 0. That's the "snapshot" of the state of the
|
|
|
|
// RPCChannel we use when processing this message.
|
2009-08-19 09:22:01 +04:00
|
|
|
ProcessIncall(call, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
RPCChannel::ProcessIncall(const Message& call, size_t stackDepth)
|
|
|
|
{
|
|
|
|
mMutex.AssertNotCurrentThreadOwns();
|
|
|
|
NS_ABORT_IF_FALSE(call.is_rpc(),
|
|
|
|
"should have been handled by SyncChannel");
|
|
|
|
|
|
|
|
// Race detection: see the long comment near mRemoteStackDepth
|
|
|
|
// in RPCChannel.h
|
|
|
|
NS_ASSERTION(stackDepth == call.rpc_remote_stack_depth(),
|
|
|
|
"RPC in-calls have raced!");
|
2009-06-29 22:38:29 +04:00
|
|
|
|
2009-08-08 03:13:20 +04:00
|
|
|
Message* reply = nsnull;
|
2009-08-19 09:22:01 +04:00
|
|
|
|
|
|
|
++mRemoteStackDepth;
|
|
|
|
Result rv =
|
|
|
|
static_cast<RPCListener*>(mListener)->OnCallReceived(call, reply);
|
|
|
|
--mRemoteStackDepth;
|
|
|
|
|
|
|
|
switch (rv) {
|
2009-07-16 01:38:55 +04:00
|
|
|
case MsgProcessed:
|
2009-09-15 00:00:31 +04:00
|
|
|
break;
|
2009-06-29 22:38:29 +04:00
|
|
|
|
2009-07-16 01:38:55 +04:00
|
|
|
case MsgNotKnown:
|
|
|
|
case MsgNotAllowed:
|
|
|
|
case MsgPayloadError:
|
|
|
|
case MsgRouteError:
|
|
|
|
case MsgValueError:
|
2009-08-08 03:13:20 +04:00
|
|
|
delete reply;
|
|
|
|
reply = new Message();
|
|
|
|
reply->set_rpc();
|
|
|
|
reply->set_reply();
|
|
|
|
reply->set_reply_error();
|
2009-07-14 01:55:04 +04:00
|
|
|
// FIXME/cjones: error handling; OnError()?
|
2009-09-15 00:00:31 +04:00
|
|
|
break;
|
2009-06-29 22:38:29 +04:00
|
|
|
|
|
|
|
default:
|
|
|
|
NOTREACHED();
|
2009-07-14 01:55:04 +04:00
|
|
|
return;
|
2009-06-29 22:38:29 +04:00
|
|
|
}
|
2009-09-15 00:00:31 +04:00
|
|
|
|
|
|
|
mIOLoop->PostTask(FROM_HERE,
|
|
|
|
NewRunnableMethod(this,
|
|
|
|
&RPCChannel::OnSendReply,
|
|
|
|
reply));
|
|
|
|
|
2009-06-29 22:38:29 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// The methods below run in the context of the IO thread, and can proxy
|
|
|
|
// back to the methods above
|
|
|
|
//
|
|
|
|
|
|
|
|
void
|
|
|
|
RPCChannel::OnMessageReceived(const Message& msg)
|
2009-07-14 01:55:04 +04:00
|
|
|
{
|
|
|
|
MutexAutoLock lock(mMutex);
|
|
|
|
|
2009-08-19 09:22:01 +04:00
|
|
|
if (0 == StackDepth()) {
|
2009-09-11 03:54:37 +04:00
|
|
|
// we're idle wrt to the RPC layer, and this message could be
|
|
|
|
// async, sync, or rpc.
|
|
|
|
//
|
|
|
|
// if it's *not* an RPC message, we delegate processing to the
|
|
|
|
// SyncChannel. it knows how to properly dispatch sync and
|
|
|
|
// async messages, and the sync channel also will do error
|
|
|
|
// checking wrt to its invariants
|
|
|
|
if (!msg.is_rpc()) {
|
2009-09-15 00:00:31 +04:00
|
|
|
MutexAutoUnlock unlock(mMutex);
|
2009-09-11 03:54:37 +04:00
|
|
|
return SyncChannel::OnMessageReceived(msg);
|
|
|
|
}
|
|
|
|
|
2009-08-19 19:44:56 +04:00
|
|
|
// wake up the worker, there's a new in-call to process
|
2009-08-19 09:22:01 +04:00
|
|
|
|
|
|
|
// NB: the interaction between this and SyncChannel is rather
|
2009-08-19 19:44:56 +04:00
|
|
|
// subtle. It's possible for us to send a sync message
|
|
|
|
// exactly when the other side sends an RPC in-call. A sync
|
|
|
|
// handler invariant is that the sync message must be replied
|
|
|
|
// to before sending any other blocking message, so we know
|
|
|
|
// that the other side must reply ASAP to the sync message we
|
|
|
|
// just sent. Thus by queuing this RPC in-call in that
|
|
|
|
// situation, we specify an order on the previously unordered
|
|
|
|
// messages and satisfy all invariants.
|
|
|
|
//
|
|
|
|
// It's not possible for us to otherwise receive an RPC
|
|
|
|
// in-call while awaiting a sync response in any case where
|
|
|
|
// both us and the other side are behaving legally. Is it
|
2009-09-11 03:54:37 +04:00
|
|
|
// worth trying to detect this case? (It's kinda hard.)
|
2009-06-29 22:38:29 +04:00
|
|
|
mWorkerLoop->PostTask(FROM_HERE,
|
|
|
|
NewRunnableMethod(this,
|
2009-08-19 09:22:01 +04:00
|
|
|
&RPCChannel::OnIncall, msg));
|
2009-06-29 22:38:29 +04:00
|
|
|
}
|
|
|
|
else {
|
2009-09-11 03:54:37 +04:00
|
|
|
// we're waiting on an RPC reply
|
|
|
|
|
|
|
|
// NB some logic here is duplicated with SyncChannel. this is
|
|
|
|
// to allow more local reasoning
|
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
// NBB see the second-to-last long comment in RPCChannel.h
|
|
|
|
// describing legal queue states
|
2009-09-11 10:05:42 +04:00
|
|
|
|
2009-09-11 03:54:37 +04:00
|
|
|
// if we're waiting on a sync reply, and this message is sync,
|
|
|
|
// dispatch it to the sync message handler. It will check that
|
|
|
|
// it's a reply, and the right kind of reply, then do its
|
|
|
|
// thing.
|
2009-09-11 11:28:09 +04:00
|
|
|
//
|
|
|
|
// since we're waiting on an RPC answer in an older stack
|
|
|
|
// frame, we know we'll eventually pop back to the
|
|
|
|
// RPCChannel::Call frame where we're awaiting the RPC reply.
|
|
|
|
// so the queue won't be forgotten!
|
2009-09-11 03:54:37 +04:00
|
|
|
if (AwaitingSyncReply()
|
|
|
|
&& msg.is_sync()) {
|
|
|
|
// wake up worker thread (at SyncChannel::Send) awaiting
|
|
|
|
// this reply
|
|
|
|
mRecvd = msg;
|
|
|
|
mCvar.Notify();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
// waiting on a sync reply, but got an async message. that's OK,
|
|
|
|
// but we defer processing of it until the sync reply comes in.
|
|
|
|
if (AwaitingSyncReply()
|
|
|
|
&& !msg.is_sync() && !msg.is_rpc()) {
|
|
|
|
mPending.push(msg);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-09-11 03:54:37 +04:00
|
|
|
// if this side and the other were functioning correctly, we'd
|
|
|
|
// never reach this case. RPCChannel::Call explicitly checks
|
|
|
|
// for and disallows this case. so if we reach here, the other
|
|
|
|
// side is malfunctioning (compromised?).
|
|
|
|
if (AwaitingSyncReply() /* msg.is_rpc() */) {
|
|
|
|
// FIXME other error handling?
|
|
|
|
NS_RUNTIMEABORT("the other side is malfunctioning");
|
|
|
|
return; // not reached
|
|
|
|
}
|
|
|
|
|
2009-09-11 11:28:09 +04:00
|
|
|
// otherwise, we (legally) either got (i) async msg; (ii) sync
|
|
|
|
// in-msg; (iii) re-entrant rpc in-call; (iv) rpc reply we
|
|
|
|
// were awaiting. Dispatch to the worker, where invariants
|
|
|
|
// are checked and the message processed.
|
2009-06-29 22:38:29 +04:00
|
|
|
mPending.push(msg);
|
|
|
|
mCvar.Notify();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
} // namespace ipc
|
|
|
|
} // namespace mozilla
|